SlideShare a Scribd company logo

Project Work on Cryptography at University of Allahabad

Download as DOC, PDF
A
Arjun Shukla

arjun shukla university of allahabad ,allahabad

Software
1 of 28
PROJECT WORK ON CRYPTOGRAPHY UNIVERSITY OF ALLAHABAD Under The Supervision Of Prof. R.R.Tiwari Presented By Arjun Shukla B.Sc.3 Year Roll No -803069
Certificate This is certify that Arjun Shukla student of B.sc 3rd year has undertaken the project of “CRYPTOGRAPHY” under my guidance and supervision. This work has been done in partial fulfillment of the requirement for the degree of “Bachelor of Science” by University of Allahabad, Allahabad. . DATE- Prof.R.R.Tiwari PLACE- Dean Science Faculty University of Allahabad Allahabad
Acknowledgement The project would not have been successfully completed without the wholehearted support of our guide Prof. R. R. Tiwari. He always boosted our morals assiduously. We thank Sir for his conception and encouragement during the development of the project. He is a mentor who knew all answers. We admire his infinite patience and understanding that he guided us in a field we had no previous experience .We would also like to thank Mr. Manish Jaiswal. And all other faculty members of Computer Department have rendered us significant encouragement, in vigorous support and continuous & kind guidance. We thank them all for their invaluable guidance and other people who directly or indirectly assisted us in the successful and timely completion of Cryptography project. Arjun Shukla B.Sc. 3rd Year (Computer Science)
Index S.N. Contents Page No. 1 Introduction 6 2 History of Cryptography 7 3 What is cryptography 9 4 Security Services of Cryptography 12 5 Attacks on Cryptosystem 16 6 Hash Function 20 7 Benefits and Drawback of Cryptography 23 8 Application of Cryptography 25 9 Conclusion 26 10 References 27
INTRODUCTION The Cryptanalysis is the process of attempting to discover the plain text and/ or the key. Applications of Various Cryptographic Technologies. Why & How to Provide Network Security in the Certificates issuing, The Validity & Trust for Certificate Services, Certificate Revocation in the Internet , Intranet and other Network Communications, the Applications of Network Security to the various Data Transfer techniques and protocols .From the dawn of civilization, to the highly networked societies that we live in Today communication has always been an integral part of our existence. ●Radio communication ●Network communication ●Mobile communication ●Telephonic communication  All these methods and means of communication have played an important role in our lives, but in the past few years, network communication, especially over the Internet, has emerged as one of the most powerful Methods of communication.
History of Cryptography The art of cryptography is considered to be born along with the art of writing. As civilizations evolved, human beings got organized in tribes, groups, and kingdoms. This led to the emergence of ideas such as power, battles, supremacy, and politics. These ideas further fueled the natural need of people to communicate secretly with selective recipient which in turn ensured the continuous evolution of cryptography as well. The roots of cryptography are found in Roman and Egyptian civilizations. Hieroglyph – The Oldest Cryptographic Technique The first known evidence of cryptography can be traced to the use of ‘hieroglyph’. Some 4000 years ago, the Egyptians used to communicate by messages written in hieroglyph. This code was the secret known only to the scribes who used to transmit messages on behalf of the kings. Later, the scholars moved on to using simple mono-alphabetic substitution ciphers during500 to 600 BC. This involved replacing alphabets of message with other alphabets with some secret rule. This rule became a key to retrieve the message back from the garbled message. The earlier Roman method of cryptography, popularly known as the Caesar Shift Cipher relies on shifting the letters of a message by an agreed number (three was a common choice), the recipient of this message would then shift the letters back by the same number and obtain the original message.
Original Message a t T a c k A t d A Each letter is sifted by 2 c v V c e m C v f C “Secret message” Evolution of cryptography It is during and after the European Renaissance, various Italian and Papal states led the rapid proliferation of cryptography techniques. Various analysis and attack techniques were researched in this era to break the secret codes. • Improved coding techniques such as Vigenere Coding came into existence in the 15th century, which offered moving letters in the message with a number of variable places instead of moving them the same number of places. • Only after the 19th century, cryptography evolved from the adhoc approaches to encryption to the more sophisticated art and science of information security. • In the early 20th century, the invention of mechanical and electromechanical machines, such as the Enigma rotor machine, provided more advanced and efficient means of coding the information.
What is Cryptography: Cryptography is the art and science of making a cryptosystem that is capable of providing information security. Cryptography deals with the actual securing of digital data. It refers to the design of mechanisms based on mathematical algorithms that provide fundamental information security services. You can think of cryptography as the establishment of a large toolkit containing different techniques in security applications. The term cryptology has its origin in Greek Kryptós lógos , which means “hidden word.”Cryptography is the science of protecting data, which provides means and methods of converting data into unreadable form, so that Valid User can access Information at the Destination. Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. While cryptography is the science of securing data, cryptanalysis is the science of analyzing and breaking secure communication. Cryptanalysts are also called attackers. Cryptology embraces both cryptography and cryptanalysis.
Security Services of Cryptography The primary objective of using cryptography is to provide the following four fundamental information security services. Let us now see the possible goals intended to be fulfilled by cryptography. Confidentiality: Confidentiality is the fundamental security service provided by cryptography. It is a security service that keeps the information from an unauthorized person. It is sometimes referred to as privacy or secrecy.Confidentiality can be achieved through numerous means starting from physical securing to the use of mathematical algorithms for data encryption. Data Integrity: It is security service that deals with identifying any alteration to the data. The data may get modified by an unauthorized entity intentionally or accidently. Integrity service confirms that whether data is intact or not since it was last created, transmitted, or stored by an authorized user. Data integrity cannot prevent the alteration of data, but provides a means for detecting whether data has been manipulated in an unauthorized manner. Authentication : Authentication provides the identification of the originator. It confirms to the receiver that the data received has been sent only by an identified and verified sender. Authentication service has two variants: • Message authentication identifies the originator of the
message without any regard router or system that has sent the message. • Entity authentication is assurance that data has been received from a specific entity, say a particular website. Apart from the originator, authentication may also provide assurance about other parameters related to data such as the date and time of creation/transmission. Non-repudiation: It is a security service that ensures that an entity cannot refuse the ownership of a previous commitment or an action. It is an assurance that the original creator of the data cannot deny the creation or transmission of the said data to a recipient or third party. Non-repudiation is a property that is most desirable in situations where there are chances of a dispute over the exchange of data. For example, once an order is placed electronically, a purchaser cannot deny the purchase order, if non-repudiation service was enabled in this transaction. Source Destination Unauthorized
Cryptosystem A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure to provide information security services. A cryptosystem is also referred to as a cipher system. Let us discuss a simple model of a cryptosystem that provides confidentiality to the information being transmitted. This basic model is depicted in the illustration below Encryption Key Decryption KEY Plaintext Ciphertext Plainte. Cryptosystem SenderSender ReceiverReceiver Encryption Algorithim Decryption Algorithm ReceiverReceiver
The illustration shows a sender who wants to transfer some sensitive data to a receiver in such a way that any party intercepting or eavesdropping on the communication channel cannot extract the data. The objective of this simple cryptosystem is that at the end of the process, only the sender and the receiver will know the plaintext. Components of a Cryptosystem: The various components of a basic cryptosystem are as follows: • Plaintext. It is the data to be protected during transmission. • Encryption Algorithm. It is a mathematical process that produces a cipher text for any given plaintext and encryption key. It is a cryptographic algorithm that takes plaintext and an encryption key as input and produces a ciphertext. • Ciphertext. It is the scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key. The ciphertext is not guarded. It flows on public channel. It can be intercepted or compromised by anyone who has access to the communication channel. • Decryption Algorithm, It is a mathematical process, that produces a unique plaintext for any given ciphertext and decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. The decryption algorithm essentially reverses the encryption algorithm and is thus closely related to it.
• Encryption Key. It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the ciphertext. • Decryption Key. It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the ciphertext in order to compute the plaintext. Types of Cryptosystems: Fundamentally, there are two types of cryptosystems based on the manner in which encryption-decryption is carried out in the system: • Symmetric Key Encryption • Asymmetric Key Encryption Symmetric Key Encryption: The encryption process where same keys are used for encrypting and decrypting the information is known as Symmetric Key Encryption. The study of symmetric cryptosystems is referred to as symmetric cryptography. Symmetric cryptosystems are also sometimes referred to as secret key cryptosystems. A few well-known examples of symmetric key encryption methods are: Digital Encryption Standard (DES), Triple-DES (3DES), IDEA. Asymmetric Key Encryption: The encryption process where different keys are used for encrypting and decrypting the information is known as Asymmetric Key Encryption.
Though the keys are different, they are mathematically related and hence, retrieving the plaintext by decrypting ciphertext is feasible. Asymmetric Key Encryption was invented in the 20th century to come over the necessity of pre-shared secret key between communicating persons. The salient features of this encryption scheme are as follows: • Every user in this system needs to have a pair of dissimilar keys, private key and public key. These keys are mathematically related – when one key is used for encryption, the other can decrypt the ciphertext back to the original plaintext. • It requires to put the public key in public repository and the private key as a well guarded secret. Hence, this scheme of encryption is also called Public Key Encryption. SYMMETRIC KEY CRYPTOGRAPHY:
In the present era, not only business but almost all the aspects of human life are driven by information. Hence, it has become imperative to protect useful information from malicious activities such as attacks. Let us consider the types of attacks to which information is typically subjected to. Attacks are typically categorized based on the action performed by the attacker. An attack, thus, can be passive or active. Passive Attacks The main goal of a passive attack is to obtain unauthorized access to the information. For example, actions such as intercepting and eavesdropping on the communication channel can be regarded as passive attack. These actions are passive in nature, as they neither affect information nor disrupt the communication channel. A passive attack is often seen as stealing information. The only difference in stealing physical goods and stealing information is that theft of data still leaves the owner in possession of that data. Passive information attack is thus more dangerous than stealing of goods, as information theft may go unnoticed by the owner. Attacks on Cryptography Host A Host B Attacker
Active Attacks An active attack involves changing the information in some way by conducting some process on the information. For example • Modifying the information in an unauthorized manner. • Initiating unintended or unauthorized transmission of information. • Alteration of authentication data such as originator name or timestamp associated with information. • Unauthorized deletion of data. • Denial of access to information for legitimate users (denial of service). H Host A Host B Attacker
Cryptography provides many tools and techniques for implementing cryptosystems capable of preventing most of the attacks described above. Cryptographic Attacks The basic intention of an attacker is to break a cryptosystem and to find the plaintext from the ciphertext. To obtain the plaintext, the attacker only needs to find out the secret decryption key, as the algorithm is already in public domain. Hence, he applies maximum effort towards finding out the secret key used in the cryptosystem. Once the attacker is able to determine the key, the attacked system is considered as broken or compromised. Based on the methodology used, attacks on cryptosystems are categorized as follows: • Ciphertext Only Attacks (COA): In this method, the attacker has access to a set of ciphertext(s). He does not have access to corresponding plaintext. COA is said to be successful when the corresponding plaintext can be determined from a given set of ciphertext. Occasionally, the encryption key can be determined from this attack. Modern cryptosystems are guarded against ciphertext-only attacks. • Known Plaintext Attack (KPA): In this method, the attacker knows the plaintext for some parts of the ciphertext. The task is to decrypt the rest of the ciphertext using this information. This may be done by determining the key or via some other method. The best example of this attack is linear cryptanalysis against block ciphers. • Chosen Plaintext Attack (CPA): In this method, the attacker has the text of his choice encrypted. So he has the ciphertext-plaintext pair of his choice. This simplifies his task of determining the encryption key. An example of this attack is differential cryptanalysis applied against block
ciphers as well as hash functions. A popular public key cryptosystem, RSA is also vulnerable to chosen-plaintext attacks. • Dictionary Attack: This attack has many variants, all of which involve compiling a ‘dictionary’. In simplest method of this attack, attacker builds a dictionary of ciphertexts and corresponding plaintexts that he has learnt over a period of time. In future, when an attacker gets the ciphertext, he refers the dictionary to find the corresponding plaintext. • Brute Force Attack (BFA): In this method, the attacker tries to determine the key by attempting all possible keys. If the key is 8 bits long, then the number of possible keys is 28 = 256. The attacker knows the ciphertext and the algorithm, now he attempts all the 256 keys one by one for decryption. The time to complete the attack would be very high if the key is long.
Hash Function Hash functions are extremely useful and appear in almost all information security applications. A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but output is always of fixed length. Values returned by a hash function are called message digest or simply hash values. The following picture illustrated hash function: H Message M (Arbitrary Length) HH Hash Value h
Features of Hash Functions The typical features of hash functions are: • Fixed Length Output (Hash Value) o Hash function coverts data of arbitrary length to a fixed length. This process is often referred to as hashing the data. o In general, the hash is much smaller than the input data, hence hash functions are sometimes called compression functions. • Efficiency of Operation o Generally for any hash function h with input x, computation of h(x) is a fast operation. o Computationally hash functions are much faster than a symmetric encryption. Properties of Hash Functions In order to be an effective cryptographic tool, the hash function is desired to possess following properties: • Pre-Image Resistance o This property means that it should be computationally hard to reverse a hash function. o In other words, if a hash function h produced a hash value z, then it should be a difficult process to find any input value x that hashes to z.
• Second Pre-Image Resistance o This property means given an input and its hash, it should be hard to find a different input with the same hash. o In other words, if a hash function h for an input x produces hash value h(x), then it should be difficult to find any other input value y such that h(y) = h(x). • Collision Resistance o This property means it should be hard to find two different inputs of any length that result in the same hash. This property is also referred to as collision free hash function. o In other words, for a hash function h, it is hard to find any two different inputs x and y such that h(x) = h(y).
Cryptography-Benefits and Drawbacks Cryptography–Benefits Cryptography is an essential information security tool. It provides the four most basic services of information security: • Confidentiality – Encryption technique can guard the information and communication from unauthorized revelation and access of information. • Authentication – The cryptographic techniques such as MAC and digital signatures can protect information against spoofing and forgeries. • Data Integrity – The cryptographic hash functions are playing vital role in assuring the users about the data integrity. • Non-repudiation – The digital signature provides the non-repudiation service to guard against the dispute that may arise due to denial of passing message by the sender. All these fundamental services offered by cryptography has enabled the conduct of business over the networks using the computer systems in extremely efficient and effective manner. Cryptography–Drawbacks Apart from the four fundamental elements of information security, there are other issues that affect the effective use of information: • A strongly encrypted, authentic, and digitally signed information can be difficult to access even for a legitimate user at a crucial time of decision-making. The network or the computer system can be attacked and rendered non-functional by an intruder. • High availability, one of the fundamental aspects of information security,
cannot be ensured through the use of cryptography. Other methods are needed to guard against the threats such as denial of service or complete breakdown of information system. • Another fundamental need of information security of selective access control also cannot be realized through the use of cryptography. Administrative controls and procedures are required to be exercised for the same. • Cryptography does not guard against the vulnerabilities and threats that emerge from the poor design of systems, protocols, and procedures. These need to be fixed through proper design and setting up of a defensive infrastructure. • Cryptography comes at cost. The cost is in terms of time and money: o Addition of cryptographic techniques in the information processing leads to delay. o The use of public key cryptography requires setting up and maintenance of public key infrastructure requiring the handsome financial budget. • The security of cryptographic technique is based on the computational difficulty of mathematical problems. Any breakthrough in solving such mathematical problems or increasing the computing power can render a cryptographic technique vulnerable.
Applications Of Cryptography 1. Defense Services 2. Secure Data Manipulation 3. E –Commerce 4. Business Transactions 5. Internet Payment Systems 6. Pass Phrasing 7. Secure Internet Comm. 8. User Identification Systems 9. Access Control 10. Computational Security 11.Secure access to Corp Data
12.Data Security. Conclusion Cryptography protects users by providing functionality for the encryption of data and authentication of other users. This technology lets the receiver of an electronic message verify the sender, ensures that a message can be read only by the intended person, and assures the recipient that a message has not be altered in transit. This paper describes the cryptographic concepts of symmetric key encryption, public-key encryption, security services of cryptography, hash functions, Attacks on cryptosystem, and key exchange. The Cryptography Attacking techniques like Active and Passive Attacks. Cryptography is a particularly interesting field because of the amount of work that is, by necessity, done in secret. The irony is that today, secrecy is not the key to the goodness of a cryptographic algorithm. Regardless of the mathematical theory behind an algorithm, the best algorithms are those that are well known and well-documented because they are also well-tested and well-studied! In fact, time is the only true test of good cryptography; any cryptographic scheme that stays in use year after year is most likely a good one. The strength of cryptography lies in the choice (and management) of the keys; longer keys will resist attack better than shorter keys.
References: • Cryptography and Network Security –By William Stallings. • Introduction to Cryptography –By Aysel Ozgur • https://www.google.com
Project Work on Cryptography at University of Allahabad

Recommended

Cryptography full report
Cryptography full reportCryptography full report
Cryptography full reportharpoo123143
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolschrizjohn896
 
Pranavi verma-cyber-security-ppt
Pranavi verma-cyber-security-pptPranavi verma-cyber-security-ppt
Pranavi verma-cyber-security-pptPranaviVerma
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYMohammad Shakirul islam
 
Social engineering
Social engineeringSocial engineering
Social engineeringyousefbokari
 
Cyber security
Cyber securityCyber security
Cyber securityBhavin Shah
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and AttacksSachin Darekar
 

Recommended

Cryptography full report
Cryptography full reportCryptography full report
Cryptography full reportharpoo123143
 
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...
Cybersecurity Fundamentals | Understanding Cybersecurity Basics | Cybersecuri...Edureka!
 
Ethical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolsEthical hacking : Its methodologies and tools
Ethical hacking : Its methodologies and toolschrizjohn896
 
Pranavi verma-cyber-security-ppt
Pranavi verma-cyber-security-pptPranavi verma-cyber-security-ppt
Pranavi verma-cyber-security-pptPranaviVerma
 
CYBER SECURITY
CYBER SECURITYCYBER SECURITY
CYBER SECURITYMohammad Shakirul islam
 
Social engineering
Social engineeringSocial engineering
Social engineeringyousefbokari
 
Cyber security
Cyber securityCyber security
Cyber securityBhavin Shah
 
Information security and Attacks
Information security and AttacksInformation security and Attacks
Information security and AttacksSachin Darekar
 
Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber SecurityNikunj Thakkar
 
NIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterNIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterMark Stafford
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hackDharmesh Makwana
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageMarin Ivezic
 
Hackeando Mentes - Engenharia Social
Hackeando Mentes - Engenharia SocialHackeando Mentes - Engenharia Social
Hackeando Mentes - Engenharia SocialBruno Alexandre
 
Security in the Internet of Things
Security in the Internet of ThingsSecurity in the Internet of Things
Security in the Internet of ThingsForgeRock
 
Cyber attacks
Cyber attacks Cyber attacks
Cyber attacks Anuradha Moti T
 
CyberCrimes
CyberCrimesCyberCrimes
CyberCrimesFettah Kurtulus
 
Cyber Terrorism Presentation
Cyber Terrorism PresentationCyber Terrorism Presentation
Cyber Terrorism Presentationmerlyna
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking PowerpointRen Tuazon
 
Encryption
EncryptionEncryption
EncryptionSyed Taimoor Hussain Shah
 
Cyber security
Cyber securityCyber security
Cyber securityHarsh verma
 
Hacking
HackingHacking
HackingRanjan Som
 
Cyber security
Cyber securityCyber security
Cyber securitySabir Raja
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingDmitriy Scherbina
 
Cyber security
Cyber securityCyber security
Cyber securitySapna Patil
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Edureka!
 
CYBER SECURITY.pdf
CYBER SECURITY.pdfCYBER SECURITY.pdf
CYBER SECURITY.pdfASWINASH10
 
Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information securityDevam Shah
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityjayashri kolekar
 
Cryptography & Network Security.pptx
Cryptography & Network Security.pptxCryptography & Network Security.pptx
Cryptography & Network Security.pptxsunil sharma
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 

More Related Content

What's hot

Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber SecurityNikunj Thakkar
 
NIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterNIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterMark Stafford
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hackDharmesh Makwana
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageMarin Ivezic
 
Hackeando Mentes - Engenharia Social
Hackeando Mentes - Engenharia SocialHackeando Mentes - Engenharia Social
Hackeando Mentes - Engenharia SocialBruno Alexandre
 
Security in the Internet of Things
Security in the Internet of ThingsSecurity in the Internet of Things
Security in the Internet of ThingsForgeRock
 
Cyber Terrorism Presentation
Cyber Terrorism PresentationCyber Terrorism Presentation
Cyber Terrorism Presentationmerlyna
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking PowerpointRen Tuazon
 
Cyber security
Cyber securityCyber security
Cyber securitySabir Raja
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Edureka!
 
CYBER SECURITY.pdf
CYBER SECURITY.pdfCYBER SECURITY.pdf
CYBER SECURITY.pdfASWINASH10
 
Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information securityDevam Shah
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information securityjayashri kolekar
 

What's hot (20)

Basics of Cyber Security
Basics of Cyber SecurityBasics of Cyber Security
Basics of Cyber Security
 
NIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram PosterNIST Cyber Security Framework V1.1 - Infogram Poster
NIST Cyber Security Framework V1.1 - Infogram Poster
 
Ethical hacking a licence to hack
Ethical hacking a licence to hackEthical hacking a licence to hack
Ethical hacking a licence to hack
 
Social Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionageSocial Engineering - Human aspects of industrial and economic espionage
Social Engineering - Human aspects of industrial and economic espionage
 
Hackeando Mentes - Engenharia Social
Hackeando Mentes - Engenharia SocialHackeando Mentes - Engenharia Social
Hackeando Mentes - Engenharia Social
 
Security in the Internet of Things
Security in the Internet of ThingsSecurity in the Internet of Things
Security in the Internet of Things
 
Cyber attacks
Cyber attacks Cyber attacks
Cyber attacks
 
CyberCrimes
CyberCrimesCyberCrimes
CyberCrimes
 
Cyber Terrorism Presentation
Cyber Terrorism PresentationCyber Terrorism Presentation
Cyber Terrorism Presentation
 
Ethical Hacking Powerpoint
Ethical Hacking PowerpointEthical Hacking Powerpoint
Ethical Hacking Powerpoint
 
Encryption
EncryptionEncryption
Encryption
 
Cyber security
Cyber securityCyber security
Cyber security
 
Hacking
HackingHacking
Hacking
 
Cyber security
Cyber securityCyber security
Cyber security
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Cyber security
Cyber securityCyber security
Cyber security
 
Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...Application Security | Application Security Tutorial | Cyber Security Certifi...
Application Security | Application Security Tutorial | Cyber Security Certifi...
 
CYBER SECURITY.pdf
CYBER SECURITY.pdfCYBER SECURITY.pdf
CYBER SECURITY.pdf
 
Digital certificates and information security
Digital certificates and information securityDigital certificates and information security
Digital certificates and information security
 
Introduction to information security
Introduction to information securityIntroduction to information security
Introduction to information security
 

Similar to Project Work on Cryptography at University of Allahabad

Cryptography & Network Security.pptx
Cryptography & Network Security.pptxCryptography & Network Security.pptx
Cryptography & Network Security.pptxsunil sharma
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Techniqueijsrd.com
 
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICA NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICijsrd.com
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxRizwanBasha12
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...IOSR Journals
 
Cyber Security Unit I Part -I.pptx
Cyber Security Unit I Part -I.pptxCyber Security Unit I Part -I.pptx
Cyber Security Unit I Part -I.pptxkarthikaparthasarath
 
Cryptographic Security
Cryptographic SecurityCryptographic Security
Cryptographic Securityjp tj
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture NotesFellowBuddy.com
 
Evolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesEvolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesMona Rajput
 
cryptography.ppt - Copy.ppt
cryptography.ppt - Copy.pptcryptography.ppt - Copy.ppt
cryptography.ppt - Copy.pptSudhanshuKarna
 
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Petar Radanliev
 
Survey Paper: Cryptography Is The Science Of Information Security
Survey Paper: Cryptography Is The Science Of Information SecuritySurvey Paper: Cryptography Is The Science Of Information Security
Survey Paper: Cryptography Is The Science Of Information SecurityCSCJournals
 

Similar to Project Work on Cryptography at University of Allahabad (20)

Cryptography & Network Security.pptx
Cryptography & Network Security.pptxCryptography & Network Security.pptx
Cryptography & Network Security.pptx
 
A Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering TechniqueA Study of Different Partitioning Clustering Technique
A Study of Different Partitioning Clustering Technique
 
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHICA NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
A NEW PROPOSED SYMMETRIC KEY ALGORITHM FOR MODERN CRYPTOGRAPHIC
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 
Cryptography
Cryptography Cryptography
Cryptography
 
CNS new ppt unit 1.pptx
CNS new ppt unit 1.pptxCNS new ppt unit 1.pptx
CNS new ppt unit 1.pptx
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography ppt
 
F16 cs61 cryptography
F16 cs61 cryptographyF16 cs61 cryptography
F16 cs61 cryptography
 
Unit 1 QB.docx
Unit 1 QB.docxUnit 1 QB.docx
Unit 1 QB.docx
 
Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...Achieving data integrity by forming the digital signature using RSA and SHA-1...
Achieving data integrity by forming the digital signature using RSA and SHA-1...
 
Cyber Security Unit I Part -I.pptx
Cyber Security Unit I Part -I.pptxCyber Security Unit I Part -I.pptx
Cyber Security Unit I Part -I.pptx
 
Cryptographic Security
Cryptographic SecurityCryptographic Security
Cryptographic Security
 
Cryptography and Network Lecture Notes
Cryptography and Network Lecture NotesCryptography and Network Lecture Notes
Cryptography and Network Lecture Notes
 
Evolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniquesEvolution of Cryptography and Cryptographic techniques
Evolution of Cryptography and Cryptographic techniques
 
Cryptography
CryptographyCryptography
Cryptography
 
cryptography.ppt.ppt
cryptography.ppt.pptcryptography.ppt.ppt
cryptography.ppt.ppt
 
cryptography.ppt - Copy.ppt
cryptography.ppt - Copy.pptcryptography.ppt - Copy.ppt
cryptography.ppt - Copy.ppt
 
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
Dr Petar Radanliev, PhD Thesis Department of Computer Sciences, University of...
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
 
Survey Paper: Cryptography Is The Science Of Information Security
Survey Paper: Cryptography Is The Science Of Information SecuritySurvey Paper: Cryptography Is The Science Of Information Security
Survey Paper: Cryptography Is The Science Of Information Security
 

Recently uploaded

Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureDinusha Kumarasiri
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesŁukasz Chruściel
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfFerryKemperman
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEEVICTOR MAESTRE RAMIREZ
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...Christina Lin
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Velvetech LLC
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noidabntitsolutionsrishis
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaHanief Utama
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样umasea
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsAhmed Mohamed
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...Technogeeks
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfAlina Yurenko
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceBrainSell Technologies
 

Recently uploaded (20)

2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva2.pdf Ejercicios de programación competitiva
2.pdf Ejercicios de programación competitiva
 
Implementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with AzureImplementing Zero Trust strategy with Azure
Implementing Zero Trust strategy with Azure
 
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort ServiceHot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
Hot Sexy call girls in Patel Nagar🔝 9953056974 🔝 escort Service
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
Unveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New FeaturesUnveiling the Future: Sylius 2.0 New Features
Unveiling the Future: Sylius 2.0 New Features
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Introduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdfIntroduction Computer Science - Software Design.pdf
Introduction Computer Science - Software Design.pdf
 
Cloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEECloud Data Center Network Construction - IEEE
Cloud Data Center Network Construction - IEEE
 
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
ODSC - Batch to Stream workshop - integration of Apache Spark, Cassandra, Pos...
 
Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...Software Project Health Check: Best Practices and Techniques for Your Product...
Software Project Health Check: Best Practices and Techniques for Your Product...
 
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in NoidaBuds n Tech IT Solutions: Top-Notch Web Services in Noida
Buds n Tech IT Solutions: Top-Notch Web Services in Noida
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
React Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief UtamaReact Server Component in Next.js by Hanief Utama
React Server Component in Next.js by Hanief Utama
 
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
办理学位证(UQ文凭证书)昆士兰大学毕业证成绩单原版一模一样
 
Unveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML DiagramsUnveiling Design Patterns: A Visual Guide with UML Diagrams
Unveiling Design Patterns: A Visual Guide with UML Diagrams
 
What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...What is Advanced Excel and what are some best practices for designing and cre...
What is Advanced Excel and what are some best practices for designing and cre...
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdfGOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
GOING AOT WITH GRAALVM – DEVOXX GREECE.pdf
 
CRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. SalesforceCRM Contender Series: HubSpot vs. Salesforce
CRM Contender Series: HubSpot vs. Salesforce
 

Project Work on Cryptography at University of Allahabad

  • 1. PROJECT WORK ON CRYPTOGRAPHY UNIVERSITY OF ALLAHABAD Under The Supervision Of Prof. R.R.Tiwari Presented By Arjun Shukla B.Sc.3 Year Roll No -803069
  • 2. Certificate This is certify that Arjun Shukla student of B.sc 3rd year has undertaken the project of “CRYPTOGRAPHY” under my guidance and supervision. This work has been done in partial fulfillment of the requirement for the degree of “Bachelor of Science” by University of Allahabad, Allahabad. . DATE- Prof.R.R.Tiwari PLACE- Dean Science Faculty University of Allahabad Allahabad
  • 3. Acknowledgement The project would not have been successfully completed without the wholehearted support of our guide Prof. R. R. Tiwari. He always boosted our morals assiduously. We thank Sir for his conception and encouragement during the development of the project. He is a mentor who knew all answers. We admire his infinite patience and understanding that he guided us in a field we had no previous experience .We would also like to thank Mr. Manish Jaiswal. And all other faculty members of Computer Department have rendered us significant encouragement, in vigorous support and continuous & kind guidance. We thank them all for their invaluable guidance and other people who directly or indirectly assisted us in the successful and timely completion of Cryptography project. Arjun Shukla B.Sc. 3rd Year (Computer Science)
  • 4.
  • 5. Index S.N. Contents Page No. 1 Introduction 6 2 History of Cryptography 7 3 What is cryptography 9 4 Security Services of Cryptography 12 5 Attacks on Cryptosystem 16 6 Hash Function 20 7 Benefits and Drawback of Cryptography 23 8 Application of Cryptography 25 9 Conclusion 26 10 References 27
  • 6. INTRODUCTION The Cryptanalysis is the process of attempting to discover the plain text and/ or the key. Applications of Various Cryptographic Technologies. Why & How to Provide Network Security in the Certificates issuing, The Validity & Trust for Certificate Services, Certificate Revocation in the Internet , Intranet and other Network Communications, the Applications of Network Security to the various Data Transfer techniques and protocols .From the dawn of civilization, to the highly networked societies that we live in Today communication has always been an integral part of our existence. ●Radio communication ●Network communication ●Mobile communication ●Telephonic communication  All these methods and means of communication have played an important role in our lives, but in the past few years, network communication, especially over the Internet, has emerged as one of the most powerful Methods of communication.
  • 7. History of Cryptography The art of cryptography is considered to be born along with the art of writing. As civilizations evolved, human beings got organized in tribes, groups, and kingdoms. This led to the emergence of ideas such as power, battles, supremacy, and politics. These ideas further fueled the natural need of people to communicate secretly with selective recipient which in turn ensured the continuous evolution of cryptography as well. The roots of cryptography are found in Roman and Egyptian civilizations. Hieroglyph – The Oldest Cryptographic Technique The first known evidence of cryptography can be traced to the use of ‘hieroglyph’. Some 4000 years ago, the Egyptians used to communicate by messages written in hieroglyph. This code was the secret known only to the scribes who used to transmit messages on behalf of the kings. Later, the scholars moved on to using simple mono-alphabetic substitution ciphers during500 to 600 BC. This involved replacing alphabets of message with other alphabets with some secret rule. This rule became a key to retrieve the message back from the garbled message. The earlier Roman method of cryptography, popularly known as the Caesar Shift Cipher relies on shifting the letters of a message by an agreed number (three was a common choice), the recipient of this message would then shift the letters back by the same number and obtain the original message.
  • 8. Original Message a t T a c k A t d A Each letter is sifted by 2 c v V c e m C v f C “Secret message” Evolution of cryptography It is during and after the European Renaissance, various Italian and Papal states led the rapid proliferation of cryptography techniques. Various analysis and attack techniques were researched in this era to break the secret codes. • Improved coding techniques such as Vigenere Coding came into existence in the 15th century, which offered moving letters in the message with a number of variable places instead of moving them the same number of places. • Only after the 19th century, cryptography evolved from the adhoc approaches to encryption to the more sophisticated art and science of information security. • In the early 20th century, the invention of mechanical and electromechanical machines, such as the Enigma rotor machine, provided more advanced and efficient means of coding the information.
  • 9. What is Cryptography: Cryptography is the art and science of making a cryptosystem that is capable of providing information security. Cryptography deals with the actual securing of digital data. It refers to the design of mechanisms based on mathematical algorithms that provide fundamental information security services. You can think of cryptography as the establishment of a large toolkit containing different techniques in security applications. The term cryptology has its origin in Greek Kryptós lógos , which means “hidden word.”Cryptography is the science of protecting data, which provides means and methods of converting data into unreadable form, so that Valid User can access Information at the Destination. Cryptography is the science of using mathematics to encrypt and decrypt data. Cryptography enables you to store sensitive information or transmit it across insecure networks (like the Internet) so that it cannot be read by anyone except the intended recipient. While cryptography is the science of securing data, cryptanalysis is the science of analyzing and breaking secure communication. Cryptanalysts are also called attackers. Cryptology embraces both cryptography and cryptanalysis.
  • 10. Security Services of Cryptography The primary objective of using cryptography is to provide the following four fundamental information security services. Let us now see the possible goals intended to be fulfilled by cryptography. Confidentiality: Confidentiality is the fundamental security service provided by cryptography. It is a security service that keeps the information from an unauthorized person. It is sometimes referred to as privacy or secrecy.Confidentiality can be achieved through numerous means starting from physical securing to the use of mathematical algorithms for data encryption. Data Integrity: It is security service that deals with identifying any alteration to the data. The data may get modified by an unauthorized entity intentionally or accidently. Integrity service confirms that whether data is intact or not since it was last created, transmitted, or stored by an authorized user. Data integrity cannot prevent the alteration of data, but provides a means for detecting whether data has been manipulated in an unauthorized manner. Authentication : Authentication provides the identification of the originator. It confirms to the receiver that the data received has been sent only by an identified and verified sender. Authentication service has two variants: • Message authentication identifies the originator of the
  • 11. message without any regard router or system that has sent the message. • Entity authentication is assurance that data has been received from a specific entity, say a particular website. Apart from the originator, authentication may also provide assurance about other parameters related to data such as the date and time of creation/transmission. Non-repudiation: It is a security service that ensures that an entity cannot refuse the ownership of a previous commitment or an action. It is an assurance that the original creator of the data cannot deny the creation or transmission of the said data to a recipient or third party. Non-repudiation is a property that is most desirable in situations where there are chances of a dispute over the exchange of data. For example, once an order is placed electronically, a purchaser cannot deny the purchase order, if non-repudiation service was enabled in this transaction. Source Destination Unauthorized
  • 12. Cryptosystem A cryptosystem is an implementation of cryptographic techniques and their accompanying infrastructure to provide information security services. A cryptosystem is also referred to as a cipher system. Let us discuss a simple model of a cryptosystem that provides confidentiality to the information being transmitted. This basic model is depicted in the illustration below Encryption Key Decryption KEY Plaintext Ciphertext Plainte. Cryptosystem SenderSender ReceiverReceiver Encryption Algorithim Decryption Algorithm ReceiverReceiver
  • 13. The illustration shows a sender who wants to transfer some sensitive data to a receiver in such a way that any party intercepting or eavesdropping on the communication channel cannot extract the data. The objective of this simple cryptosystem is that at the end of the process, only the sender and the receiver will know the plaintext. Components of a Cryptosystem: The various components of a basic cryptosystem are as follows: • Plaintext. It is the data to be protected during transmission. • Encryption Algorithm. It is a mathematical process that produces a cipher text for any given plaintext and encryption key. It is a cryptographic algorithm that takes plaintext and an encryption key as input and produces a ciphertext. • Ciphertext. It is the scrambled version of the plaintext produced by the encryption algorithm using a specific the encryption key. The ciphertext is not guarded. It flows on public channel. It can be intercepted or compromised by anyone who has access to the communication channel. • Decryption Algorithm, It is a mathematical process, that produces a unique plaintext for any given ciphertext and decryption key. It is a cryptographic algorithm that takes a ciphertext and a decryption key as input, and outputs a plaintext. The decryption algorithm essentially reverses the encryption algorithm and is thus closely related to it.
  • 14. • Encryption Key. It is a value that is known to the sender. The sender inputs the encryption key into the encryption algorithm along with the plaintext in order to compute the ciphertext. • Decryption Key. It is a value that is known to the receiver. The decryption key is related to the encryption key, but is not always identical to it. The receiver inputs the decryption key into the decryption algorithm along with the ciphertext in order to compute the plaintext. Types of Cryptosystems: Fundamentally, there are two types of cryptosystems based on the manner in which encryption-decryption is carried out in the system: • Symmetric Key Encryption • Asymmetric Key Encryption Symmetric Key Encryption: The encryption process where same keys are used for encrypting and decrypting the information is known as Symmetric Key Encryption. The study of symmetric cryptosystems is referred to as symmetric cryptography. Symmetric cryptosystems are also sometimes referred to as secret key cryptosystems. A few well-known examples of symmetric key encryption methods are: Digital Encryption Standard (DES), Triple-DES (3DES), IDEA. Asymmetric Key Encryption: The encryption process where different keys are used for encrypting and decrypting the information is known as Asymmetric Key Encryption.
  • 15. Though the keys are different, they are mathematically related and hence, retrieving the plaintext by decrypting ciphertext is feasible. Asymmetric Key Encryption was invented in the 20th century to come over the necessity of pre-shared secret key between communicating persons. The salient features of this encryption scheme are as follows: • Every user in this system needs to have a pair of dissimilar keys, private key and public key. These keys are mathematically related – when one key is used for encryption, the other can decrypt the ciphertext back to the original plaintext. • It requires to put the public key in public repository and the private key as a well guarded secret. Hence, this scheme of encryption is also called Public Key Encryption. SYMMETRIC KEY CRYPTOGRAPHY:
  • 16. In the present era, not only business but almost all the aspects of human life are driven by information. Hence, it has become imperative to protect useful information from malicious activities such as attacks. Let us consider the types of attacks to which information is typically subjected to. Attacks are typically categorized based on the action performed by the attacker. An attack, thus, can be passive or active. Passive Attacks The main goal of a passive attack is to obtain unauthorized access to the information. For example, actions such as intercepting and eavesdropping on the communication channel can be regarded as passive attack. These actions are passive in nature, as they neither affect information nor disrupt the communication channel. A passive attack is often seen as stealing information. The only difference in stealing physical goods and stealing information is that theft of data still leaves the owner in possession of that data. Passive information attack is thus more dangerous than stealing of goods, as information theft may go unnoticed by the owner. Attacks on Cryptography Host A Host B Attacker
  • 17. Active Attacks An active attack involves changing the information in some way by conducting some process on the information. For example • Modifying the information in an unauthorized manner. • Initiating unintended or unauthorized transmission of information. • Alteration of authentication data such as originator name or timestamp associated with information. • Unauthorized deletion of data. • Denial of access to information for legitimate users (denial of service). H Host A Host B Attacker
  • 18. Cryptography provides many tools and techniques for implementing cryptosystems capable of preventing most of the attacks described above. Cryptographic Attacks The basic intention of an attacker is to break a cryptosystem and to find the plaintext from the ciphertext. To obtain the plaintext, the attacker only needs to find out the secret decryption key, as the algorithm is already in public domain. Hence, he applies maximum effort towards finding out the secret key used in the cryptosystem. Once the attacker is able to determine the key, the attacked system is considered as broken or compromised. Based on the methodology used, attacks on cryptosystems are categorized as follows: • Ciphertext Only Attacks (COA): In this method, the attacker has access to a set of ciphertext(s). He does not have access to corresponding plaintext. COA is said to be successful when the corresponding plaintext can be determined from a given set of ciphertext. Occasionally, the encryption key can be determined from this attack. Modern cryptosystems are guarded against ciphertext-only attacks. • Known Plaintext Attack (KPA): In this method, the attacker knows the plaintext for some parts of the ciphertext. The task is to decrypt the rest of the ciphertext using this information. This may be done by determining the key or via some other method. The best example of this attack is linear cryptanalysis against block ciphers. • Chosen Plaintext Attack (CPA): In this method, the attacker has the text of his choice encrypted. So he has the ciphertext-plaintext pair of his choice. This simplifies his task of determining the encryption key. An example of this attack is differential cryptanalysis applied against block
  • 19. ciphers as well as hash functions. A popular public key cryptosystem, RSA is also vulnerable to chosen-plaintext attacks. • Dictionary Attack: This attack has many variants, all of which involve compiling a ‘dictionary’. In simplest method of this attack, attacker builds a dictionary of ciphertexts and corresponding plaintexts that he has learnt over a period of time. In future, when an attacker gets the ciphertext, he refers the dictionary to find the corresponding plaintext. • Brute Force Attack (BFA): In this method, the attacker tries to determine the key by attempting all possible keys. If the key is 8 bits long, then the number of possible keys is 28 = 256. The attacker knows the ciphertext and the algorithm, now he attempts all the 256 keys one by one for decryption. The time to complete the attack would be very high if the key is long.
  • 20. Hash Function Hash functions are extremely useful and appear in almost all information security applications. A hash function is a mathematical function that converts a numerical input value into another compressed numerical value. The input to the hash function is of arbitrary length but output is always of fixed length. Values returned by a hash function are called message digest or simply hash values. The following picture illustrated hash function: H Message M (Arbitrary Length) HH Hash Value h
  • 21. Features of Hash Functions The typical features of hash functions are: • Fixed Length Output (Hash Value) o Hash function coverts data of arbitrary length to a fixed length. This process is often referred to as hashing the data. o In general, the hash is much smaller than the input data, hence hash functions are sometimes called compression functions. • Efficiency of Operation o Generally for any hash function h with input x, computation of h(x) is a fast operation. o Computationally hash functions are much faster than a symmetric encryption. Properties of Hash Functions In order to be an effective cryptographic tool, the hash function is desired to possess following properties: • Pre-Image Resistance o This property means that it should be computationally hard to reverse a hash function. o In other words, if a hash function h produced a hash value z, then it should be a difficult process to find any input value x that hashes to z.
  • 22. • Second Pre-Image Resistance o This property means given an input and its hash, it should be hard to find a different input with the same hash. o In other words, if a hash function h for an input x produces hash value h(x), then it should be difficult to find any other input value y such that h(y) = h(x). • Collision Resistance o This property means it should be hard to find two different inputs of any length that result in the same hash. This property is also referred to as collision free hash function. o In other words, for a hash function h, it is hard to find any two different inputs x and y such that h(x) = h(y).
  • 23. Cryptography-Benefits and Drawbacks Cryptography–Benefits Cryptography is an essential information security tool. It provides the four most basic services of information security: • Confidentiality – Encryption technique can guard the information and communication from unauthorized revelation and access of information. • Authentication – The cryptographic techniques such as MAC and digital signatures can protect information against spoofing and forgeries. • Data Integrity – The cryptographic hash functions are playing vital role in assuring the users about the data integrity. • Non-repudiation – The digital signature provides the non-repudiation service to guard against the dispute that may arise due to denial of passing message by the sender. All these fundamental services offered by cryptography has enabled the conduct of business over the networks using the computer systems in extremely efficient and effective manner. Cryptography–Drawbacks Apart from the four fundamental elements of information security, there are other issues that affect the effective use of information: • A strongly encrypted, authentic, and digitally signed information can be difficult to access even for a legitimate user at a crucial time of decision-making. The network or the computer system can be attacked and rendered non-functional by an intruder. • High availability, one of the fundamental aspects of information security,
  • 24. cannot be ensured through the use of cryptography. Other methods are needed to guard against the threats such as denial of service or complete breakdown of information system. • Another fundamental need of information security of selective access control also cannot be realized through the use of cryptography. Administrative controls and procedures are required to be exercised for the same. • Cryptography does not guard against the vulnerabilities and threats that emerge from the poor design of systems, protocols, and procedures. These need to be fixed through proper design and setting up of a defensive infrastructure. • Cryptography comes at cost. The cost is in terms of time and money: o Addition of cryptographic techniques in the information processing leads to delay. o The use of public key cryptography requires setting up and maintenance of public key infrastructure requiring the handsome financial budget. • The security of cryptographic technique is based on the computational difficulty of mathematical problems. Any breakthrough in solving such mathematical problems or increasing the computing power can render a cryptographic technique vulnerable.
  • 25. Applications Of Cryptography 1. Defense Services 2. Secure Data Manipulation 3. E –Commerce 4. Business Transactions 5. Internet Payment Systems 6. Pass Phrasing 7. Secure Internet Comm. 8. User Identification Systems 9. Access Control 10. Computational Security 11.Secure access to Corp Data
  • 26. 12.Data Security. Conclusion Cryptography protects users by providing functionality for the encryption of data and authentication of other users. This technology lets the receiver of an electronic message verify the sender, ensures that a message can be read only by the intended person, and assures the recipient that a message has not be altered in transit. This paper describes the cryptographic concepts of symmetric key encryption, public-key encryption, security services of cryptography, hash functions, Attacks on cryptosystem, and key exchange. The Cryptography Attacking techniques like Active and Passive Attacks. Cryptography is a particularly interesting field because of the amount of work that is, by necessity, done in secret. The irony is that today, secrecy is not the key to the goodness of a cryptographic algorithm. Regardless of the mathematical theory behind an algorithm, the best algorithms are those that are well known and well-documented because they are also well-tested and well-studied! In fact, time is the only true test of good cryptography; any cryptographic scheme that stays in use year after year is most likely a good one. The strength of cryptography lies in the choice (and management) of the keys; longer keys will resist attack better than shorter keys.
  • 27. References: • Cryptography and Network Security –By William Stallings. • Introduction to Cryptography –By Aysel Ozgur • https://www.google.com